implement nameid stuff and extra check on sp entityid setting

Hans Zandbelt · Hans Zandbelt · commit 5f46f4a74b1d · 2009-06-19T15:31:11.000Z
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1529 44740490-163a-0410-bde0-09ae8108e29a
diff --git a/modules/adfs/www/idp/prp.php b/modules/adfs/www/idp/prp.php
@@ -190,7 +190,12 @@ function ADFS_PostResponse($url, $wresult, $wctx) {
 	
 		$spentityid = $requestcache['Issuer'];
 		$spmetadata = SimpleSAML_Configuration::getConfig('adfs-sp-remote.php');
-		$spmetadata = SimpleSAML_Configuration::loadFromArray($spmetadata->getValue($spentityid));
+		
+		$arr = $spmetadata->getValue($spentityid);
+		if (!isset($arr)) {
+			throw new Exception('Metadata for ADFS SP "' . $spentityid . '" could not be found in adfs-sp-remote.php!');
+		}
+		$spmetadata = SimpleSAML_Configuration::loadFromArray($arr);
 
 		$sp_name = $spmetadata->getValue('name', $spentityid);
 
@@ -241,8 +246,17 @@ function ADFS_PostResponse($url, $wresult, $wctx) {
 		if (array_key_exists('RelayState', $requestcache)) $relayState = $requestcache['RelayState'];
 
 		$nameid = $session->getNameID();
+		$nameid = $nameid['value'];
+		
+		$nameidattribute = $spmetadata->getValue('simplesaml.nameidattribute');
+		if (isset($nameidattribute)) {
+			if (!array_key_exists($nameidattribute, $attributes)) {
+				throw new Exception('simplesaml.nameidattribute does not exist in resulting attribute set');
+			}
+			$nameid = $attributes[$nameidattribute][0];
+		}
 
-		$response = ADFS_GenerateResponse($idpentityid, $spentityid, $nameid['value'], $attributes);
+		$response = ADFS_GenerateResponse($idpentityid, $spentityid, $nameid, $attributes);
 		$wresult = ADFS_SignResponse($response, $config->getPathValue('certdir') . $adfsconfig->getValue('key'), $config->getPathValue('certdir') . $adfsconfig->getValue('cert'));
 
 		ADFS_PostResponse($spmetadata->getValue('prp'), $wresult, $relayState);
